Studies: U.S. security threatened by Internet

(IDG) -- During the next 15 years, the U.S. will face a new breed of Internet-enabled terrorists, criminals and nation/state adversaries that will launch attacks not with planes and tanks, but with computer viruses and logic bombs, according to two reports released last month.

Although the 68-page report by the CIA's National Intelligence Council (NIC) mentioned critical electronic infrastructure protection and information warfare only briefly, it warned Americans that adversaries around the world are hard at work developing tools to bring down the U.S.'s private sector infrastructure.

Many countries already have programs to develop such technologies and "could develop such capabilities over the next decade and beyond," according to the NIC study.

A report by the Washington-based Center for Strategic and International Studies (CSIS) went even further, warning of a future cyberarms race and the rise of terrorist groups supported by "computer-literate youngsters" bent on disrupting the Internet.

"The U.S., Russia, China, France and Israel are developing cyberarsenals and the means to wage all-out cyberwarfare," the CSIS study said.

China is of particular concern, said experts, because it's devising strategies for unrestricted electronic warfare. Officials said critical infrastructures in the U.S. could be targeted in the future as revenge for incidents like the 1999 accidental bombing of the Chinese embassy in Serbia.

"They suggest having every person in China send one e-mail to [an address] of interest in the U.S. or use hacker tools easily available on the Internet to support a mass [denial-of-service] attack," said John Shissler, a former military intelligence officer.

Online extortion and falsification of shipping manifests by criminals, and attempts by countries to use hacking techniques to evade trade sanctions, are a rising concern, said Jeffrey Hunker, senior director for critical infrastructure protection at the White House.

Hunker said officials are also becoming increasingly concerned with the proliferation of "always-on" Internet appliances, such as modems and network printers. Hackers are finding ways to penetrate these devices and possibly use them as launching pads for more devastating distributed denial-of-service attacks, he said.

Last year, a hacker cracked into a printer at the Navy's Space and Naval Warfare Center and rerouted a potentially sensitive document to a server in Russia.

Stephen Northcutt, director of the Global Incident Analysis Center at the SANS Institute in Bethesda, Md., said that in one day recently, his cable modem-equipped laptop received 54 probes, two of which penetrated his personal firewall. "Our systems come to us hackable," said Northcutt. "It's a feature."

Winn Schwartau, founder of security consultancy Interpact Inc. in Seminole, Fla., said the real threat comes from the design of the U.S. infrastructure and the people who run it.

"We built these systems and our business models on the assumption that things will always work," said Schwartau. If a major attack is made on the infrastructure, "it's going to happen from the inside," he said.

Tim Atkin, a member of the National Partnership for Critical Infrastructure Security and director of critical infrastructure protection at consulting firm SRA International Inc. in Fairfax, Va., said the reports hold a "powerful message" for the national cybersecurity effort. He added, however, that future preparedness will be determined by how much emphasis companies and the government place on fixing known vulnerabilities, training and education, and enforcing good security policies.

Dan Morrison, a partner in the risk consulting group at Arthur Andersen LLP in Ottawa, said although the threat of terrorist groups attacking the infrastructure is real, a word of caution is needed. "It's scary, but it's really hard to bring down the Internet."